Fake OpenAI Repo Trended on Hugging Face Before Malware Found
May 11, 2026
A fraudulent OpenAI repository reached Hugging Face’s trending list while distributing infostealing malware targeting credentials and access tokens.
Cybersecurity
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Attackers chain Google sponsored ads with fake Claude.ai chat sessions to deliver MacSync, a macOS infostealer harvesting Keychain contents and browser credentials.
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
German and Spanish authorities shut down the relaunched Crimenetwork dark web marketplace and arrested its 35-year-old German operator in Mallorca under a European arrest warrant.
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
Researchers identify TCLBanker, a Brazilian banking trojan targeting 59 financial platforms that self-propagates by sending malicious messages through victims' WhatsApp and Outlook accounts.
cPanel and WHM Patch Three CVEs, Two Rated High Severity
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution on the host system.
Fake Claude AI Site Delivers New Beagle Windows Backdoor
A malicious website impersonating Claude AI distributes a new, previously undocumented Windows backdoor named Beagle to users seeking to download the AI assistant application.
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension prompt injection vulnerability in Claude ...
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
A critical unpatched Linux kernel privilege escalation flaw dubbed Dirty Frag lets local attackers gain root via a single command across major distributions.
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Fashion retailer Zara confirmed a data breach affecting over 197,000 customers after hackers accessed databases containing personal information from Inditex systems.
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
May 11, 2026
Attackers chain Google sponsored ads with fake Claude.ai chat sessions to deliver MacSync, a macOS infostealer harvesting Keychain contents and
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
May 11, 2026
German and Spanish authorities shut down the relaunched Crimenetwork dark web marketplace and arrested its 35-year-old German operator in Mallorca
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
May 11, 2026
Researchers identify TCLBanker, a Brazilian banking trojan targeting 59 financial platforms that self-propagates by sending malicious messages through victims’ WhatsApp
cPanel and WHM Patch Three CVEs, Two Rated High Severity
May 11, 2026
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
May 8, 2026
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution
Fake Claude AI Site Delivers New Beagle Windows Backdoor
May 8, 2026
A malicious website impersonating Claude AI distributes a new, previously undocumented Windows backdoor named Beagle to users seeking to download
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
May 8, 2026
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
May 8, 2026
A critical unpatched Linux kernel privilege escalation flaw dubbed Dirty Frag lets local attackers gain root via a single command
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
May 8, 2026
Fashion retailer Zara confirmed a data breach affecting over 197,000 customers after hackers accessed databases containing personal information from Inditex
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.